1
EPAL and Management of Privacy Obligations
Marco Casassa Mont, Trusted Systems Lab, Hewlett-Packard Labs, Bristol, UK
13-14 May 2004, Lubeck, Germany
2
Presentation Outline
- HP Position on EPAL
- Privacy Obligation Management and Technical Solution leveraging EPAL
- Additional Requirements for EPAL
- Conclusions
4/7/2019
3
HP Position on EPAL
- HP supports the Standardisation Process of EPAL.
- The current EPAL Version is a starting point towards a standard.
- HP Labs are interested in investigating and researching the usage of EPAL in a variety of contexts, including:
  - Research Prototypes
  - Commercial Offering
4
Using EPAL for Management of Privacy Obligations
- Importance of dealing with Privacy Obligations: need to be compliant with Laws, Legislation, Organisations’ Guidelines, Customers’ Requests, …
- EPAL provides a framework to deal with Privacy Policies.
- HP Labs/TSL is researching in the context of Privacy Obligation Management for Enterprises, exploring how to leverage EPAL …
- Research and work (partially) done in EU PRIME.
5
Privacy Obligations
- Dictated by Laws, Legislation, Organisations’ Guidelines, Customers’ Requests, …: EU Legislation, OECD, US Laws (HIPAA, COPPA, GLB, etc.)
- Define requirements and actions to be fulfilled by Organisations and Enterprises concerning Personal Data.
- Obligations can be very abstract: “Every financial institution has an affirmative and continuing obligation to respect customer privacy and protect the security and confidentiality of customer information” (Gramm-Leach-Bliley Act)
6
Privacy Obligations
More refined Privacy Obligations dictate responsibilities with respect to Personal Information:
- Notice Requirements
- Enforcement of opt-out options
- Limits on reuse of Information and Information Sharing
- …
7
Privacy Obligations
Even more refined Privacy Obligations specify “technical” constraints on Personal Information:
- “Notify Data Owners every time their Personal Data is involved in a Transaction or Accessed by Personnel”
- “Access/Changes to Personal Data must be Audited”
- “Delete Personal Information after 7 Years”
- “Delete Personal Information of Customers who do not come back to this web site within 30 days”
- …
8
Categories of Privacy Obligations
“Transactional”:
- “Notify Data Owners when their Personal Data is involved in a Transaction or is accessed by Personnel”
- “Audit the Access/Changes to Personal Data”
- …
“Non-Transactional” (Ongoing Obligations):
- “Delete Personal Information after 7 Years”
- “Delete Personal Information of Customers that do not come back to this web site within 30 days”
9
Privacy Obligations
We focus on technical aspects of Obligations (even if we recognise it is not just a matter of technology …).
To be technically enforceable a Privacy Obligation requires the definition of:
- Timeframe and Period of Validity
- Events and Situations that Trigger the Obligation
- Target of the Obligation (PII data, etc.)
- Actions and Tasks to be fulfilled for its Enforcement
- Entities that are Accountable for its Enforcement
- Accountability Criteria (logging, reporting, notification, etc.)
- Exceptions and Special Cases
- …
10
Privacy Obligation Management
(Diagram with the following elements: Interactions/Transactions Involving Personal Data; Ongoing and Long-term Privacy Obligations; Authorization Process; Obligation Management and Enforcement; “Transactional” Privacy Obligations.)
11
EPAL and Privacy Obligation Management
(Diagram of the Privacy Management Framework, with the following elements: User, Application, Service, …; EPAL-driven Authorization and Enforcement; Obligation Management and Enforcement; Personal and Private Information.)
12
EPAL and Privacy Obligation Management
13
Example of EPAL Rule
Privacy Policy (informal):
Allow a sales agent or a sales supervisor to collect a customer's data for order entry if the customer is older than 13 years of age and the customer has been notified of the privacy policy. Delete the data 3 years from now.
EPAL Privacy Rule:
- ruling: allow
- user category: sales department
- action: store
- data category: customer-record
- purpose: order-processing
- condition: the customer is older than 13 years of age
- obligation: delete the data 3 years from now
Source:
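The rule above, as an added example written for this page (it is not EPAL reference code and not HP Labs code): a small evaluator that takes a request described in the rule's own vocabulary (user category, action, data category, purpose, container attributes for the condition) and returns the ruling together with the obligations the caller must honour. The user-category hierarchy (sales agent and sales supervisor as members of sales department), the attribute names `customer_age` and `policy_notified`, and the obligation encoding are assumptions; the informal policy's "notified of the privacy policy" condition is encoded alongside the age check.

```python
# Added example (not the EPAL specification's reference code nor HP Labs code):
# a toy evaluator for the slide's rule, using the rule's own vocabulary.
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class Request:
    """An access request in EPAL terms: who wants to do what to which data, and why."""
    user_category: str
    action: str
    data_category: str
    purpose: str
    context: dict          # container attributes the rule condition is evaluated over

@dataclass
class Rule:
    ruling: str                              # "allow" or "deny"
    user_category: str
    action: str
    data_category: str
    purpose: str
    condition: Callable[[dict], bool]        # evaluated over Request.context
    obligations: list = field(default_factory=list)

@dataclass
class Decision:
    ruling: str
    obligations: list                        # obligations the caller must now honour
    matched_rule: Optional[int]              # index of the rule that fired, None if default

# Assumed user-category hierarchy: the informal policy names "sales agent" and
# "sales supervisor", the EPAL rule names "sales department"; we treat the first
# two as members of the third.
CATEGORY_PARENT = {"sales agent": "sales department",
                   "sales supervisor": "sales department"}

def category_matches(requested: str, rule_category: str) -> bool:
    """True if the requester's category is, or descends from, the rule's category."""
    cur = requested
    while cur is not None:
        if cur == rule_category:
            return True
        cur = CATEGORY_PARENT.get(cur)
    return False

def evaluate(rules: list, req: Request, default_ruling: str = "deny") -> Decision:
    """Return the ruling and obligations of the first applicable rule.

    'First applicable rule wins' mirrors EPAL's positional precedence; a request
    that matches no rule falls back to the policy's default ruling, with no obligations.
    """
    for idx, rule in enumerate(rules):
        if (category_matches(req.user_category, rule.user_category)
                and req.action == rule.action
                and req.data_category == rule.data_category
                and req.purpose == rule.purpose
                and rule.condition(req.context)):
            return Decision(rule.ruling, list(rule.obligations), idx)
    return Decision(default_ruling, [], None)

# The rule from the slide. Both conditions of the informal policy are encoded
# (assumed attribute names); the obligation is returned, not executed here.
ORDER_ENTRY_RULE = Rule(
    ruling="allow",
    user_category="sales department",
    action="store",
    data_category="customer-record",
    purpose="order-processing",
    condition=lambda ctx: ctx.get("customer_age", 0) > 13
                          and ctx.get("policy_notified", False),
    obligations=[{"action": "delete", "delay_years": 3}],
)
POLICY = [ORDER_ENTRY_RULE]

if __name__ == "__main__":
    ok = Request("sales agent", "store", "customer-record", "order-processing",
                 {"customer_age": 30, "policy_notified": True})
    print(evaluate(POLICY, ok))
    too_young = Request("sales agent", "store", "customer-record", "order-processing",
                        {"customer_age": 12, "policy_notified": True})
    print(evaluate(POLICY, too_young))
```

The evaluator only hands the "delete in 3 years" obligation back with the decision; nothing in the authorization path schedules or tracks it. That gap, an obligation that outlives the transaction which produced it, is what the later slides on "non-transactional" obligations and the obligation management service address.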
14
EPAL and Privacy Obligation Management
- EPAL supports Privacy Obligations: “EPAL defines an Abstract Authorization Interface that outputs a Decision and Obligations …”
- There is a clear fit for “Transactional” Obligations, but … is it correct to also describe “Non-Transactional” Privacy Obligations within an EPAL rule?
- These Obligations can actually specify “First Class” Policies. Why “embed” them in the context of Authorization Rules?
- These Obligations might need to be enabled and enforced independently of any Transaction or Interaction (e.g. Unconditionally Delete Personal Data XYZ after 7 years …)
15
EPAL and HPL Privacy Obligation Management – Current Status
(Diagram with the following elements: Interactions and Transactions Involving Personal Data; Ongoing and Long-term Privacy Obligations; EPAL; “Transactional” Privacy Obligations; Obligation Management Service.)
16
HPL Privacy Obligation Management High-Level Architecture
(Diagram with the following elements: Server; Obligation Store & Versioning; Events Handler; Enforcer; Obligation Monitoring Service; Audit Logs; Confidential Data; Data Ref.; obligation result feedback.)
17
HPL Privacy Obligation Management
(Detailed architecture diagram, scope ENTERPRISE, with the following elements: Applications and Services; Portal; Users; Admins; Privacy Portal GUI: Authoring & Display; Obligation Monitoring Service; Monitoring Task Handler; Obligation Handler; Retrieve; Store/Tracking; Active Obligations; Workflows; Events Handler; Obligation Enforcer; Association Manager; Obligation Scheduler & Manager; Action Adaptors; Obligation Server; Audit Server; Data Ref.; Obligation Information Tracker; Audit Logs; Obligation Store & Versioning; Confidential Data.)
18
Open Issues [1/2]
- Dealing with different types of Privacy Obligations:
  - using the same Language
  - Independence from the Nature of the Obligation (Transactional, Non-Transactional, …)
- Strong Stickiness of “Obligation Policies” to Personal Data might be Required (for data transmission, etc.)
- Provide degrees of Assurance on Obligations Enforcement and overall Accountability
- Dealing with Trust Aspects
19
Open Issues [2/2]
- Dealing with Explicit Management of Conflicting Obligations, at Enforcement time:
  - Criteria can change based on the Context, Location, …
  - Different priorities (on the same Rule-set) dictated by Local Legislation, Guidelines, Local Arrangements, …
  - Different rule-sets in a Policy might be “active” in different contexts …
- Note: at the moment EPAL addresses conflicts on rules via:
  - precedence, i.e. priority in the rule list
  - “delegation” to additional management tools
- Using rule preconditions can add complexity to rules
20
EPAL: Additional Requirements
- Extend EPAL to represent different types of Privacy Policies (EPAL → EPL)
- Goal: allow the explicit definition of Privacy Policies beyond Authorization:
  - “Non-transactional” and “Ongoing” Privacy Obligations
  - Trust
  - Compliance Policies for Privacy
  - …
21
EPAL: Additional Requirements
- Introduce “Meta-Rules” within the EPAL Language to declare:
  - How to deal with conflicting rules within a policy
  - How to select “relevant” rules
- Goal: Explicit Management of Rule/Policy selection:
  - Go beyond the current approach based on positional “precedence”
  - Ensure Portability across different Privacy Frameworks
  - Define evaluation mechanisms adaptive to Context, Localization (EU, US, …)
  - …
22
EPAL: Additional Long-term Requirements
Extending the Expressiveness of Policy Rules to deal with:
- Trust Constraints on Systems (Requestor, Policy Evaluator, etc.) and Entities, based on Contextual Information
- Selective Disclosure of data, for example based on the Current Level of Trust, i.e. Privacy driven by Trust
- Accountability, for example declaring actions that require authenticated Audit and Interactions with Trusted Third Parties
23
Conclusions
- HP supports the Standardisation Process of EPAL
- HP Labs are interested in Investigating and Researching the usage of EPAL, including leveraging EPAL for Privacy Obligation Management
- EPAL could be extended to:
  - Describe Policies/Rules that are not based on Authorisation
  - Add “Meta-Rules” to increase policy portability, explicitly address conflicts and define additional requirements
- In the longer term EPAL could deal with trust constraints, selective disclosure and accountability
24
BACKUP Slides
25
Example of Technical Representation of Privacy Obligation

<Obligations>
  <ObligationId>oblId1</ObligationId>
  <Description>Delete Confidential Data for Pseudonym: uid1</Description>
  <ObligationTriggerDescriptor>
    <Type>Event</Type>
    <SubType>TimeBasedEvent</SubType>
    <Parameters>
      <TriggerTime>
        <Year>2007</Year>
        <Month>4</Month>
        <Day>28</Day>
        <Hour>13</Hour>
        <Minute>30</Minute>
      </TriggerTime>
    </Parameters>
  </ObligationTriggerDescriptor>
  <Target>
    <DataOwner>uid1</DataOwner>
    <DataType>Database</DataType>
    <DataLocator>SELECT * FROM Customers WHERE CustomerId='uid1'</DataLocator>
  </Target>
  <Actions>
    <Action>Delete</Action>
  </Actions>
</Obligations>
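How such a document could be consumed, as an added example written for this page (it is not the HP Labs Obligation Management Service): the obligation above is parsed into the elements slide 9 lists as necessary for technical enforceability (trigger, target, actions), its time-based trigger is compared against a clock, the Delete action is applied to a constructed SQLite `Customers` table, and an audit record is written for accountability. The table layout, sample rows, audit-record format and the restricted locator grammar (`SELECT * FROM <table> WHERE <condition>`, from which the DELETE is derived instead of executing policy-authored SQL as-is) are all assumptions.

```python
# Added example (not the HP Labs Obligation Management Service): parse the
# obligation document, fire it when its trigger time is reached, enforce the
# Delete action on a constructed SQLite table, and write an audit record.
import re
import sqlite3
import xml.etree.ElementTree as ET
from datetime import datetime

# The obligation from the slide, embedded so the example runs offline.
OBLIGATION_XML = """\
<Obligations>
  <ObligationId>oblId1</ObligationId>
  <Description>Delete Confidential Data for Pseudonym: uid1</Description>
  <ObligationTriggerDescriptor>
    <Type>Event</Type>
    <SubType>TimeBasedEvent</SubType>
    <Parameters>
      <TriggerTime>
        <Year>2007</Year><Month>4</Month><Day>28</Day>
        <Hour>13</Hour><Minute>30</Minute>
      </TriggerTime>
    </Parameters>
  </ObligationTriggerDescriptor>
  <Target>
    <DataOwner>uid1</DataOwner>
    <DataType>Database</DataType>
    <DataLocator>SELECT * FROM Customers WHERE CustomerId='uid1'</DataLocator>
  </Target>
  <Actions>
    <Action>Delete</Action>
  </Actions>
</Obligations>
"""

def parse_obligation(xml_text: str) -> dict:
    """Extract trigger, target and actions; reject trigger types we cannot schedule."""
    root = ET.fromstring(xml_text)
    trig = root.find("ObligationTriggerDescriptor")
    if (trig.findtext("Type"), trig.findtext("SubType")) != ("Event", "TimeBasedEvent"):
        raise ValueError("only TimeBasedEvent triggers are supported here")
    t = trig.find("Parameters/TriggerTime")
    when = datetime(*(int(t.findtext(f)) for f in ("Year", "Month", "Day", "Hour", "Minute")))
    target = root.find("Target")
    return {
        "id": root.findtext("ObligationId"),
        "description": root.findtext("Description"),
        "trigger_time": when,
        "owner": target.findtext("DataOwner"),
        "data_type": target.findtext("DataType"),
        "locator": target.findtext("DataLocator"),
        "actions": [a.text for a in root.find("Actions").findall("Action")],
    }

# Assumed locator grammar: only "SELECT * FROM <table> WHERE <condition>" is accepted,
# and the DELETE is derived from it rather than running policy SQL verbatim.
LOCATOR_RE = re.compile(r"^\s*SELECT\s+\*\s+FROM\s+(\w+)\s+WHERE\s+(.+?)\s*$", re.I)

def enforce(ob: dict, conn: sqlite3.Connection, now: datetime, audit: list) -> dict:
    """Apply the obligation's actions once it is due, and record what was done."""
    if now < ob["trigger_time"]:
        return {"id": ob["id"], "status": "pending"}
    m = LOCATOR_RE.match(ob["locator"]) if ob["data_type"] == "Database" else None
    if m is None:
        raise ValueError(f"unsupported target for {ob['id']}")
    table, where = m.groups()
    affected = conn.execute(f"SELECT COUNT(*) FROM {table} WHERE {where}").fetchone()[0]
    for action in ob["actions"]:
        if action != "Delete":
            raise ValueError(f"unsupported action {action!r}")
        conn.execute(f"DELETE FROM {table} WHERE {where}")
    conn.commit()
    audit.append({"obligation": ob["id"], "owner": ob["owner"], "actions": ob["actions"],
                  "rows_affected": affected, "enforced_at": now.isoformat()})
    return {"id": ob["id"], "status": "enforced", "rows_affected": affected}

def seed_db() -> sqlite3.Connection:
    """Constructed sample data: two customers, only uid1 is covered by the obligation."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Customers (CustomerId TEXT PRIMARY KEY, Name TEXT)")
    conn.executemany("INSERT INTO Customers VALUES (?, ?)",
                     [("uid1", "Alice Example"), ("uid2", "Bob Example")])
    conn.commit()
    return conn

def run_demo() -> dict:
    """Drive the obligation through 'not yet due' and 'due' and report the outcome."""
    ob = parse_obligation(OBLIGATION_XML)
    conn, audit = seed_db(), []
    early = enforce(ob, conn, datetime(2007, 4, 28, 13, 0), audit)
    late = enforce(ob, conn, datetime(2007, 4, 28, 13, 30), audit)
    remaining = [r[0] for r in conn.execute("SELECT CustomerId FROM Customers ORDER BY 1")]
    return {"early": early["status"], "late": late["status"],
            "rows_affected": late["rows_affected"], "remaining": remaining,
            "audit_entries": len(audit)}

if __name__ == "__main__":
    print(run_demo())
```

The locator is policy-authored SQL, so the enforcer treats it as configuration to be validated against a narrow grammar rather than as a statement to execute verbatim; the audit entry is written whether or not any rows matched, which is what gives the obligation monitoring service something to check against.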
26